OpenID is a protocol for users to access several services with a single account. As a web developer, you can use OpenID to offer users a way to log in using an account they already have, such as their Google account. In the enterprise, you may be able to use OpenID to connect to a company’s SSO server.

OpenIdClient.redirectURL calculates the URL where you should redirect the user. It involves fetching the user’s OpenID page asynchronously, this is why it returns a CompletionStage<String>. If the OpenID is invalid, the returned CompletionStage will be completed with an exception.

OpenIdClient.verifiedId inspects the current request to establish the user information, including his verified OpenID. It will do a call to the OpenID server asynchronously to check the authenticity of the information, returning a promise of UserInfo. If the information is not correct or if the server check is false (for example if the redirect URL has been forged), the returned CompletionStage will be completed with an exception.If the CompletionStage fails, you can define a fallback, which redirects back the user to the login page or return a BadRequest.